Whether your business needs to comply with Privacy regulations or not, you have Privacy risk.
The more personal information collected and stored, the higher the risk to your business.
If data is not required by regulations, not required to provide products and/or services to your clients, employees, etc – then ask yourself, does my business really need this information? If not, then seriously look at disposing of it (in a secure way) or not even collecting it in the first place.
The days of ‘nice to have’ are gone. It must be ‘need to have’.
Well-defined and understood ‘housekeeping’ practices in place is imperative to minimising the amount of data collected and stored.
The attached article is a good read for any business owner as a reminder to minimise data and the value it brings.
Some key points in the article include:
- Clients trust businesses to protect their data. It is becoming more critical than ever especially with the continued breaches hitting the headlines.
- Businesses need to be more proactive and transparent with customers about how, where and why their data is used. Transparency and trust go hand in hand.
- Clients want to know what they will get in return for sharing their information. It’s the old adage of “What’s in it for me?”.
- Legislation changes targeted for 2nd half of 2019 will provide the Australian Privacy regulator (ie: OAIC) with significantly more powers and funding. Client and regulator expectations are rapidly rising.
Not only do clients expect great products and services, they want their data managed and protected in the best possible way.
A survey conducted in 2018 of over 500 Australian SMBs (1) found :
- 46% of SMBs responded their customers are increasingly opting out of data collection and sharing information, and
- 49% of SMBs responded customer data is becoming increasingly critical for their day-to-day operations, and 60% to deliver more personalised services to ultimately grow their business.
Why ? Clients losing confidence and trust in businesses to protect their data.
What to do ? Businesses (not matter what size) must be more diligent in maintaining their role as trusted custodians of their client’s information to narrow this gap.
We are clients to many businesses and we expect this. So as business owners, why shouldn’t we deliver this to our clients ?
It’s imperative for your business to have sustainable and well-defined Privacy practices to minimise data and ultimately risk.
If you would like to know more about implementing a cost-effective and tailored Privacy Program, please contact me at Privacy Proactive.
[Source : (1) HP Australia IT Security Study conducted August to September 2018]